Package org.bouncycastle.cert

Class X509ExtensionUtils

java.lang.Object
org.bouncycastle.cert.X509ExtensionUtils
Direct Known Subclasses:
BcX509ExtensionUtils, JcaX509ExtensionUtils
public class X509ExtensionUtils extends Object
General utility class for creating calculated extensions using the standard methods.

Note: This class is not thread safe!

  • Constructor Summary

    Constructors
    Constructor
    Description
    X509ExtensionUtils(DigestCalculator calculator)
    Base constructor - for conformance to RFC 5280 use a calculator based on SHA-1.

  • Method Summary

    Modifier and Type
    Method
    Description
    org.bouncycastle.asn1.x509.AuthorityKeyIdentifier
    createAuthorityKeyIdentifier(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
    Create an AuthorityKeyIdentifier from the passed in SubjectPublicKeyInfo.
    org.bouncycastle.asn1.x509.AuthorityKeyIdentifier
    createAuthorityKeyIdentifier(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo, org.bouncycastle.asn1.x509.GeneralNames generalNames, BigInteger serial)
    Create an AuthorityKeyIdentifier from the passed in arguments.
    org.bouncycastle.asn1.x509.AuthorityKeyIdentifier
    createAuthorityKeyIdentifier(X509CertificateHolder certHolder)
    Create an AuthorityKeyIdentifier from the passed in arguments.
    org.bouncycastle.asn1.x509.SubjectKeyIdentifier
    createSubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
    Return a RFC 5280 type 1 key identifier.
    org.bouncycastle.asn1.x509.SubjectKeyIdentifier
    createTruncatedSubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
    Return a RFC 5280 type 2 key identifier.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • X509ExtensionUtils

      public X509ExtensionUtils(DigestCalculator calculator)
      Base constructor - for conformance to RFC 5280 use a calculator based on SHA-1.
      Parameters:
      calculator - a calculator for calculating subject key ids.

  • Method Details

    • createAuthorityKeyIdentifier

      public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier(X509CertificateHolder certHolder)
      Create an AuthorityKeyIdentifier from the passed in arguments.
      Parameters:
      certHolder - the issuer certificate that the AuthorityKeyIdentifier should refer to.
      Returns:
      an AuthorityKeyIdentifier.

    • createAuthorityKeyIdentifier

      public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
      Create an AuthorityKeyIdentifier from the passed in SubjectPublicKeyInfo.
      Parameters:
      publicKeyInfo - the SubjectPublicKeyInfo to base the key identifier on.
      Returns:
      an AuthorityKeyIdentifier.

    • createAuthorityKeyIdentifier

      public org.bouncycastle.asn1.x509.AuthorityKeyIdentifier createAuthorityKeyIdentifier(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo, org.bouncycastle.asn1.x509.GeneralNames generalNames, BigInteger serial)
      Create an AuthorityKeyIdentifier from the passed in arguments.
      Parameters:
      publicKeyInfo - the SubjectPublicKeyInfo to base the key identifier on.
      generalNames - the general names to associate with the issuer cert's issuer.
      serial - the serial number of the issuer cert.
      Returns:
      an AuthorityKeyIdentifier.

    • createSubjectKeyIdentifier

      public org.bouncycastle.asn1.x509.SubjectKeyIdentifier createSubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
      Return a RFC 5280 type 1 key identifier. As in: 
       (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
 value of the BIT STRING subjectPublicKey (excluding the tag,
 length, and number of unused bits).
      Parameters:
      publicKeyInfo - the key info object containing the subjectPublicKey field.
      Returns:
      the key identifier.

    • createTruncatedSubjectKeyIdentifier

      public org.bouncycastle.asn1.x509.SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo publicKeyInfo)
      Return a RFC 5280 type 2 key identifier. As in: 
       (2) The keyIdentifier is composed of a four bit type field with
 the value 0100 followed by the least significant 60 bits of the
 SHA-1 hash of the value of the BIT STRING subjectPublicKey.
      Parameters:
      publicKeyInfo - the key info object containing the subjectPublicKey field.
      Returns:
      the key identifier.